# Looks up an existing VPC by its Name tag so the rest of this file can
# reference its ID instead of hard-coding it.
# NOTE(review): the aws_vpc data source expects exactly one match, so a second
# VPC carrying the same Name tag in this account/region would make the lookup
# fail. Confirm the tag value is unique.
data "aws_vpc" "main" {
  filter {
    name   = "tag:Name"
    values = ["app2"]  # look up by the same name that was used when the VPC was created
  }
}

# Collects the subnets that belong to the VPC resolved by data.aws_vpc.main.
# NOTE(review): nothing in the visible part of this file reads
# data.aws_subnets.main. Confirm it is consumed elsewhere, or drop it.
data "aws_subnets" "main" {
  filter {
    name   = "vpc-id"
    values = [data.aws_vpc.main.id]  # use the ID of the VPC that was looked up
  }
}

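# Security group for the web servers, created in the VPC resolved by
# data.aws_vpc.main through the local security_group module.
module "tt2" {
  source         = "../../modules/security_group"
  sg_name        = "web-sg"
  sg_description = "Security group for web servers"
  vpc_id         = data.aws_vpc.main.id

  # Inbound: only the web ports are reachable from the internet.
  # No catch-all rule (protocol "-1", ports 0-0, 0.0.0.0/0) belongs in this
  # list: it opens every port and protocol on the attached instances to any
  # address and makes the port-specific rules below meaningless. If
  # administrative access is needed, add a rule for that one port and restrict
  # cidr_blocks to a known source range.
  ingress_rules = [
    {
      # HTTP. NOTE(review): presumably kept for redirecting to HTTPS;
      # confirm that plaintext HTTP is intended.
      from_port   = 80
      to_port     = 80
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    },
    {
      # HTTPS
      from_port   = 443
      to_port     = 443
      protocol    = "tcp"
      cidr_blocks = ["0.0.0.0/0"]
    }
  ]

  # Outbound: unrestricted.
  # NOTE(review): consider narrowing this if the web servers only need to
  # reach specific destinations, since open egress eases data exfiltration
  # from a compromised host.
  egress_rules = [
    {
      from_port   = 0
      to_port     = 0
      protocol    = "-1" # "-1" means all protocols
      cidr_blocks = ["0.0.0.0/0"]
    }
  ]
}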

